WordPress 4.2.3 Security and Maintenance Release

Published: July 26, 2015

WordPress recently posted news of version 4.2.3, a security and maintenance release:

WordPress 4.2.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.


Via Security Week.

WordPress @ TC3

Published: October 20, 2012




WordPress rules the web — so where’s the money?

Published: September 13, 2012

“Today WordPress powers one of every 6 websites on the Internet, nearly 60 million in all, with 100,000 more popping up each day. Those run through its cloud-hosted service, which lets anybody create a free website online, attract 330 million visitors who view 3.4 billion pages every month.”

Given the ubiquity of WordPress, why isn’t [WordPress founder Matt] Mullenweg, now 28, a billionaire? Since its founding in 2005 Automattic has chosen scale over scratch, giving away much for free. Only 1% of WordPress.com devotees pay. Not among them: users of WordPress.org (the open-source version), who run servers and implement the software themselves. A small percentage has only recently been coaxed into paying for additional features like file backups. Automattic implemented an ad-sharing service–on a limited basis–just last year.

… a massive community of developers and consultants make a living directly off of WordPress. In a recent survey, the company found 20,000 people across the globe hosting blogs, designing websites and offering maintenance services for WordPress users.”

[Source: forbes.com]

2011 Open Source CMS Market Share Report


Results of a study of various popular Content Management Systems:

The 2011 Open Source CMS Market Share Report concludes that three brands — Joomla!, WordPress, and Drupal — dominate today’s market. The Report concludes that WordPress leads in brand strength and market share after a strong year.

The Report follows the market share and brand strength indicators for 20 top systems, assessing each on a wide variety of measures. The study focuses on identifying the market leaders, both in terms of rate of adoption and mindshare.

While WordPress, Joomla! and Drupal lead the survey set across a wide range of measures, the report also identifies other trends in this year’s open source CMS market.

** DotNetNuke continues to lead the .NET CMS race, though Umbraco shows strength.

** Liferay & Alfresco are neck and neck in the Java CMS race.

** Concrete5 turns in an exceptional year.

The report includes more than 30 exhibits drawn from extensive research and a survey of more then 2,500 users of content management systems.

[source: waterandstone.com]

WordPress: Custom Fields vs. Taxonomies

Published: August 29, 2011

Alex King compares two techniques for customizing WordPress: Custom Fields and Taxonomies.

Custom fields are still the right choice for misc. data that is used for display purposes only, or descriptive data about a post that is used by a behind-the-scenes process. You can serialize data here to store the equivalent of cached relational data. You can set flags for various behavior triggers, etc. You can also create a custom user interface for adding and editing the data you need to store.

Where you should use a custom taxonomy instead is for any data that you need to query on. For example, getting all posts that were broadcast to Twitter; all posts that were created by an outside process; all posts that have a certain workflow status.

The reason to favor a custom taxonomy in these situations has to do with the WordPress database structure. Queries by taxonomy are well optimized as this is a primary front-end presentation feature in WordPress core. Conversely, querying by custom field key and value is slow. The value column in the custom field table is not indexed – you are basically doing a search through data that is not intended for that purpose.

Alex King

Bottom line: database queries are faster for taxonomies, slower for custom fields.

WordPress Security


If you use WordPress, read Let’s Talk – WordPress Security by Karen Max.

FCC.gov reboots as an open government platform

Published: April 6, 2011

“Today, the bar has been raised for federal government website reboots with the relaunch of the new FCC.gov, now available in beta at beta.FCC.gov.”

The new site is organized around the three primary activities: file a public comment, file a complaint, and search for information. The insight for that redesign came through a combination of online traffic analysis, requests for information through the call center, and conversations with FCC employees.

Some changes that go along with the new FCC.gov are literally tiny, like the newly launched FCC.us URL shortener. Others look small but are a big deal, like secure HTTPS web browsing across FCC.gov. Other upgrades work on small devices, enabling interested parties to watch proceedings wherever they are: the fcc.gov/live livestream now includes the ability to sense the device that someone is using and convert on the fly to HTML5 or Flash. That livestream can also be embedded on other websites.

All of those upgrades add up to a greater whole. Broadly speaking, FCC managing director Steve Van Roekel and his team of software developers, designers, new media and IT security staff have worked hard to bring Web 2.0 principles into the FCC’s online operations. Those principles include elements of open data, platform thinking, collective intelligence, and lightweight social software. What remains to be seen in the years ahead is how much incorporating Web 2.0 into operations will change how the FCC operates as a regulator.

Nearly two years ago, Tim O’Reilly and John Battelle asked how Web 2.0 technologies could transform the actual practice of governing. The FCC has made a big step toward that vision, at a cost of approximately $1.35 million in total development costs. “Everything should be an API,” said Van Roekel, speaking in a briefing on Monday. “The experiences that live outside of FCC.gov should interact back into it. In a perfect world, no one should have to visit the FCC website.” Instead, he said, you’d go to your favorite search engine or favorite app and open data from the FCC’s platform would be baked into it.

Alex Howard @ oreilly.com

“Everything should be an API” — words guaranteed to make strong programmers weep for joy

— See [categorySeeAlso slug=”application-programming-interface”]

Also of interest, the new FCC site runs on Drupal:

Specifically, theFCC.gov open source redesign runs on Drupal, like Energy.gov, House.gov and WhiteHouse.gov. The FCC also considered Sharepoint, Documentum, WordPress and Ruby on Rails before ultimately going with Drupal. The use of Drupal at the White House was a “strong validator” for that choice, said Van Roekel. As the White House has done, Van Roekel said that the FCC will contribute code back to the Drupal community.

Via Boing Boing.

Create a Comic Book Themed Web Design

Published: March 15, 2011

Here’s an excellent tutorial on Photoshop techniques — includes sample code, plenty of screenshots, and detailed step-by-step instructions:

In Part 1 we will create a very original design for all the comicbook fans out there. We will create this blog layout from scratch using several tricks in Photoshop to make it look awesome. Then in Part 2 we will learn how to slice it, code it, and get it ready to be converted into a blog CMS theme.

Alvaro Guzman @ Webdesigntuts+

Note that Part 2 is not yet published.

Solo: A Single Page Portfolio WordPress Theme

Published: March 8, 2011

A new theme for WordPress:

“A clean, single page portfolio theme with a sleek style and smooth jQuery effects. Automatic scrolling and expanding project display are just some of the features that will help make your work look even more amazing.”


Via Web Design Ledger.

Top WordPress themes on Google riddled with spamlinks and obfuscated code

Published: January 25, 2011

Cory Doctorow of Boing Boing reports this depressing news about WordPress:

Siobhan Ambrose went looking for a WordPress theme; of the top ten free WordPress theme sites listed on Google, eight had hidden, obfuscated, or encrypted code buried in them that rendered spammy keyword links that were part of a deceptive search engine optimization scheme; in some cases, Siobhan couldn’t figure out what the offending code did and speculates that it might contain malware. Of the remaining two, one hosted themes that didn’t validate. The remaining site, WordPress.org, is the only site in the first ten Google results for “free wordpress theme” whose themes don’t contain deceptive backlinks, obfuscated code, or non-validating themes.

Cory Doctorow @ Boing Boing